Tips for Detecting a Hack Early

Even if you think you’re doing everything right, there’s always a chance your site will be hacked. If it happens, it is important to find out quickly. An attacker with control of your site can do a lot of damage to your site visitors, your SEO rankings and your reputation. If your website is critical to your business it can also directly impact revenue.

There are a number of things you can do to improve your odds of detecting a hack quickly:

  1. Visit your site often. It seems obvious, but as the site owner you are much more likely than someone else to spot something that doesn’t look right.
  2. Search for your website regularly. Some hacked sites look perfectly normal to a regular user while serving up spam and other malicious content to search engines. By searching for your site you should be able to catch SEO spam even if an attacker is trying to hide it from you. Also, click the links in your search results to make sure the search engine link directs where it should, and not a bad online neighborhood.
  3. Set up email alerts in Google Search Console. Google is constantly crawling your site and will alert you if problems are detected, including the presence of malware.
  4. Use a security scanner and set up email alerts. The Wordfence scanner checks WordPress core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections. It also compares the files on your site with those in the repository, checking their integrity and reporting any changes to you. The Premium version can be scheduled to scan more often and at optimum times, leverages real-time malware signature updates and performs blacklist checks.
  5. Your site visitors are often the first to identify an issue with your website. Make sure that it is easy for them to contact you and that you investigate their reports immediately.
  6. Watch for unexplained spikes in traffic. If an attacker is using your site to host malicious content, they are likely going to drive traffic to it. An unexplained increase in site traffic may indicate a hacked site.

We hope you never get hacked, but if you do we hope these tips will help you detect and deal with it quickly. As a Wordfence Premium customer, you also have a security team behind you. If you need help interpreting results of any scan or alert, even from a source other than Wordfence, reach out via premium support. Our customer service engineers are your security team.


Mark Maunder – Wordfence Founder & CEO